package com.yh.myRealm;

import java.util.HashSet;
import java.util.Set;

import javax.annotation.Resource;
import javax.servlet.http.HttpSession;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.yh.bean.Permission;
import com.yh.bean.User;

import com.yh.service.UserService;

import com.yh.util.UserContextUtil;

/*
 * 自定义一个类继承授权域对象达到自己这个类可以控制自己的作用域范围
 */
public class MyRealm extends AuthorizingRealm {

	@Resource
	private UserService userService;
	
	//1.重写授权方法，为当前用户授予权限和角色
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		//1. 获取用户登录时用户输入的名字
		String loginName=(String) principals.fromRealm(getName()).iterator().next();
		//2.到数据库查找是否有该用户
		User user = userService.findUserByUserName(loginName);
		
		if(user != null){
			//3.如果查找出得对象不是空就把user得角色名称信息放入到 授权信息对象中
			SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
			Set<String> roles = new HashSet<String>();
			roles.add(user.getRole().getRole_name());
			info.setRoles(roles);
			//4.把用户对应的权限信息放入到授权信息对象中
			
			Set<Permission> psets = user.getRole().getPlists();
			for (Permission permission : psets) {
				info.addStringPermission(permission.getPer_name());
			}
			return info;
			
			
		}
		
		
		
		return null;
	}
    //验证当前登录的用户，获取认证信息
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(
			AuthenticationToken token) throws AuthenticationException {
		//1.把token 对象转为UsernamePasswordToken 对象
		UsernamePasswordToken upToken = (UsernamePasswordToken) token;
		//2.获取controller 层穿过来的username 和密码
		String username = upToken.getUsername();
		System.out.println("=========="+username);
		//String password = upToken.getPassword().toString();
		//System.out.println("myrealm层的密码"+password);
		//3.调用业务层方法查找出该用户所对应的密码
		User user = userService.findUserByUserName(username);
		System.out.println("realm类中的user对象"+user);
		//4.进行多重判断
		if(user != null){
			if(user.getState()==1){
				Object principal = user.getUser_name();//获取用户名
				System.out.println("============================"+principal);
				Object credentials = user.getPassword();//数据库中查找的密码
				//System.out.println("myrealm层的加密之后的密码"+password);
				String realmName = getName();
				AuthenticationInfo auInfo =new SimpleAuthenticationInfo(principal, credentials, realmName);
				 
				//5.调用userContexutil 把当前用户放入当前session中去
				HttpSession session=UserContextUtil.getSession();
				UserContextUtil.setUser(user, session);
				
				return auInfo;
			}else {
				throw new UnknownAccountException("用户已被冻结请联系管理员");
			}
			
		}else{
			throw new UnknownAccountException("用户不存在");
		}
		
	}

	
}
